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DETAILED ACTION 

1 . Pursuant to USC 131 , claims 1-21 are presented for examination. 

2. Claims 1-21 are pending. 

Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-21 are rejected under 35 U.S.C. 102(b) as being disclosed by Bhagwat 
et al. (U.S. Patent No. 7,139,268 B1). 

Regarding claim 1 . Bhagwat et al. . discloses a communications method for use in 
a system including comprising a first, second and third nodes, and a first secret, 
said first secret being shared between the first and second nodes to secure 
communications between said first and second nodes, the method comprising: 
operating the first node to establish a secure communications session with said 
second node using the first shared secret to secure the contents of packets 
communicated from the first node that are directed to the second node as part of 
the secure communications session; operating a third node which is coupled to 
said first and second nodes to maintain in memory a copy of said first shared 
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secret; and operating the third node to receive a secure flow of packets from the 
first node that are directed to said second node as part of the secure 
communications session (col. 5 lines 43-62). 

Regarding claim 2 , Bhaqwat et aL discloses the method of claim 1 , further 
comprising: operating the third node to receive from said second node the first 
shared secret and to store the first shared secret in memory, said received first 
shared secret being encrypted using a second shared secret known to the 
second and third nodes (col. 5 lines 43-62). 

Regarding claim 3 , Bhaqwat et aL , discloses the method of claim 2, further 
comprising: operating said third node to receive and process packets sent from 
said first node as part of said established communications session, said third 
node sending a message to the first node indicating successful receipt of packets 
by said second node (col. 5 lines 43-62). 

Regarding claim 4 , Bhaqwat et aL , discloses the method of claim 3, wherein said 
third node uses said first shared secret to secure the message to the first node 
(col. 5 lines 43-62). 



Regarding claim 5 , Bhaqwat et aL , discloses the method of claim 5, wherein said 
third node operates as an application proxy for said second node during said 
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secure communications session without informing said first node that the third 
node is acting as a proxy in the place of said second node (col. 5 lines 43-62). 

Regarding claim 6 , Bhagwat et aL discloses the method of claim 5, further 
comprising: operating the third node to transmit information obtained from said 
communications session while said third node was acting as a proxy for said 
second node to said second node; and operating the second node to continue 
the secure communications session with the first node (col. 5 lines 43-62). 



Regarding claim 7 , Bhagwat et aL discloses the method of claim 1, further 
comprising: operating the third node to inspect the secure packet flow from the 
first node, said step of inspecting said secure packet flow including performing at 
least one of a group of security steps which use the first shared secret, said 
group of security steps comprising: decrypting a packet, integrity checking 
contents of a packet, and authenticating a sender of a packet (col. 5 lines 43-62 

Regarding claim 8 , Bhagwat et aL discloses the method of claim 7, further 
comprising: operating the third node to drop the packet from the packet flow if the 
performed at least one of the group of security checks fails (0006 and 0053- 
0055). 
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Regarding claim 9 , Bhagwat et aL discloses the method of claim 7, further 
comprising: operating the third node to additionally process the packets from the 
packet flow if no performed security check in said group of security checks fails 
(col. 5 lines 43-62). 

Regarding claim 10 , Bhagwat et aL discloses the method of claim 9, further 
comprising: operating the third node to identify a packet with a disallowed packet 
payload by comparing at least a portion of the payload of each packet in the 
packet flow to information indicating allowed packet payloads, payloads of a type 
which are not indicated by said information being disallowed packet payloads 
(col. 5 lines 43-62). 

Regarding claim 1 1 , Bhagwat et aL . discloses the method of claim 10, further 
comprising: operating the third node to drop an identified packet with a 
disallowed packet payload (col. 5 lines 43-62). 

Regarding claim 12 , Bhagwat et aL , discloses the method of claim 10, further 
comprising: operating the third node to modify the packet payload of packets 
identified to include a disallowed packet payload based on stored information 
indicating payload modifications to be made to disallowed packet payloads (col. 5 
lines 43-62). 
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Regarding claim 13 . Bhagwat et aL , discloses the method of claim 12, wherein 
the modified payload generated by modifying a packet payload includes a 
message indicating that an erroneous payload was detected at the third node 
(col. 5 lines 43-62). 

Regarding claim 14 , Bhagwat et aL , discloses the method of claim 10, further 
comprising: operating the third node to process at least two packets in the packet 
flow to produce at least a third packet (col. 5 lines 43-62). 

Regarding claim 15 , Bhagwat et aL discloses the method of claim 9, further 
comprising; operating the third node to generate an additional packet flow from 
the received packet flow directed to the second node and to forward the 
additional packet flow to the second node, packets in said additional packet flow 
having a source address corresponding to the first node and a destination 
address corresponding to the second node, said step of generating an additional 
packet flow including at least one of a group of security steps which use the first 
shared secret, the group of security steps consisting of: encrypting a packet, 
adding an integrity check for the contents of the packet, and adding an 
authenticator check for the packet sender (col. 5 lines 43-62). 



Regarding claim 16 , Bhagwat et aL , discloses the method of claim 1 , wherein the 
second and third nodes each include a second secret used to secure 
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communications between the third node and the second node, the method 
further comprising: operating the third node to generate an additional packet flow 
from the received packet flow directed to the second node and to forward the 
additional packet flow to the second node, packets in said additional packet flow 
having a source address corresponding to the third node and a destination 
address corresponding to the second node, said step of generating an additional 
packet flow including at least one of a group of security steps which use the 
second shared secret, the group of security steps consisting of: encrypting a 
packet, adding an integrity check for the contents of the packet, and adding an 
authenticator check for the packet sender (col. 5 lines 43-62). 

Regarding claim 17 , Bhagwat et aL discloses the method of claim 16, further 
comprising: operating the second node to communicate the first shared secret to 
the third node, the first shared secret being encrypted using the second shared 
secret (col. 5 lines 43-62). 

Regarding claim 18 , Bhagwat et aL discloses the method of claim 17, further 
comprising: mutually authenticating the second and third nodes prior to the 
second node transmitting the first shared secret to the third node (col. 5 lines 43- 
62). 
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Regarding claim 19 . Bhaqwat et al. . discloses a communications system, 
comprising: a first node including a first shared secret and a communications 
application for establishing a secure communications session using said first 
shared secret to secure packets communicated as part of said secure 
communications session; a mobile node including said first shared secret, a 
second shared secret, and at least one :ommunications application for 
maintaining a secure communications session with said first node using said first 
shared secret; an intermediate node, coupled to said first node and said mobile 
node, said intermediate node including said first shared secret and said second 
shared secret, said intermediate node including: means for processing packets 
directed by said first node towards said mobile node as part of a secure 
communications session using said first shared secret; and means for sending a 
message to said first node secured by said first shared secret indicating 
successful receipt of said packets by said mobile node (col. 5 lines 43-62). 

Regarding claim 20 , Bhaqwat et al. , discloses the communication system of 
claim 19, wherein said intermediate node further includes: means for 
communicating information generated by processing packets directed to said 
mobile node to said mobile node in packets secured using said second shared 
secret, said Information being the result of application processing performed on 
the payload of at least two Jata packets to generate information not present in 
either of the two data packets (col. 5 lines 43-62). 
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Regarding claim 21 . Bhaqwat et al. . discloses the communication system of 
claim 20, wherein the mobile node includes means for ending said first shared 
secret to said intermediate node in an encrypted format resulting in encryption 
processing using said second shared secret (col. 5 lines 43-62). 



Application/Control Number: 10/685,720 
Art Unit: 2136 



Page 10 



Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Chinwendu C. Okoronkwo whose telephone number is 
(571) 272 2662. The examiner can normally be reached on MWF 9:30 - 7:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on (571) 272 4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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